There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Repository Details
We present a novel approach, called SecureReqNet, for automatically identifying whether issues in bug or issue tracking systems describe security related content that should be given careful attention. Our approach consists of a two-phase deep learning architecture that operates purely on the natural language descriptions of issues. The first phase of our approach learns high dimensional sentence embeddings from hundreds of thousands of descriptions extracted from software vulnerabilities listed in the CVE database and issue descriptions extracted from open source projects using an unsupervised learning process. The second phase then utilizes this semantic ontology of embeddings to train a deep convolutional neural network capable of predicting whether a given issue contains security- related information.
